Vulnerabilities > Alcatelmobile > Cingular Flip 2 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-26 | CVE-2019-16243 | Missing Authentication for Critical Function vulnerability in Alcatelmobile Cingular Flip 2 Firmware B9Huah1 On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. | 4.3 |
| 2019-11-26 | CVE-2019-16242 | OS Command Injection vulnerability in Alcatelmobile Cingular Flip 2 Firmware B9Huah1 On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. | 7.2 |
| 2019-11-26 | CVE-2019-16241 | Exposure of Resource to Wrong Sphere vulnerability in Alcatelmobile Cingular Flip 2 Firmware B9Huah1 On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. | 4.6 |